LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2011-2723 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191
Created:September 9, 2011 Updated:November 28, 2011
Description: From the Debian advisory:

CVE-2011-2723: Brent Meshier reported an issue in the GRO (generic receive offload) implementation. This can be exploited by remote users to create a denial of service (system crash) in certain network device configurations.

CVE-2011-2928: Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted.

CVE-2011-3188: Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session.

CVE-2011-3191: Darren Lavender reported an issue in the Common Internet File System (CIFS). A malicious file server could cause memory corruption leading to a denial of service.

Alerts:
SUSE SUSE-SU-2011:1319-2 2011-12-14
SUSE SUSE-SU-2011:1319-1 2011-12-13
SUSE SUSE-SA:2011:046 2011-12-13
Oracle ELSA-2011-1465 2011-11-28
Oracle ELSA-2011-2033 2011-11-28
Oracle ELSA-2011-2033 2011-11-28
Scientific Linux SL-kern-20111122 2011-11-22
Red Hat RHSA-2011:1465-01 2011-11-22
Ubuntu USN-1256-1 2011-11-09
openSUSE openSUSE-SU-2011:1222-1 2011-11-08
openSUSE openSUSE-SU-2011:1221-1 2011-11-08
Red Hat RHSA-2011:1419-01 2011-11-01
SUSE SUSE-SA:2011:042 2011-10-28
SUSE SUSE-SU-2011:1195-1 2011-10-28
Ubuntu USN-1246-1 2011-10-25
Ubuntu USN-1245-1 2011-10-25
Ubuntu USN-1243-1 2011-10-25
Ubuntu USN-1242-1 2011-10-25
Ubuntu USN-1241-1 2011-10-25
Ubuntu USN-1240-1 2011-10-25
Ubuntu USN-1239-1 2011-10-25
Scientific Linux SL-kern-20111020 2011-10-20
Ubuntu USN-1236-1 2011-10-20
CentOS CESA-2011:1386 2011-10-21
Red Hat RHSA-2011:1386-01 2011-10-20
SUSE SUSE-SA:2011:041 2011-10-17
Ubuntu USN-1228-1 2011-10-12
Ubuntu USN-1227-1 2011-10-11
SUSE SUSE-SU-2011:1101-1 2011-10-10
SUSE SUSE-SU-2011:1100-1 2011-10-10
Fedora FEDORA-2011-12874 2011-09-18
Scientific Linux SL-kern-20111005 2011-10-05
Red Hat RHSA-2011:1350-01 2011-10-05
Fedora FEDORA-2011-13809 2011-10-05
Ubuntu USN-1225-1 2011-10-04
Ubuntu USN-1220-1 2011-09-29
Ubuntu USN-1219-1 2011-09-29
Ubuntu USN-1218-1 2011-09-29
Ubuntu USN-1216-1 2011-09-26
Debian DSA-2310-1 2011-09-22
Red Hat RHSA-2011:1321-01 2011-09-20
SUSE SUSE-SU-2011:1058-1 2011-09-21
SUSE SUSE-SA:2011:040 2011-09-20
Ubuntu USN-1208-1 2011-09-14
Ubuntu USN-1203-1 2011-09-13
Debian DSA-2303-2 2011-09-10
Debian DSA-2303-1 2011-09-08
Ubuntu USN-1253-1 2011-11-08
Red Hat RHSA-2012:0010-01 2012-01-10
openSUSE openSUSE-SU-2012:0206-1 2012-02-09
openSUSE openSUSE-SU-2012:0236-1 2012-02-09
Oracle ELSA-2012-0150 2012-03-07
SUSE SUSE-SU-2012:0364-1 2012-03-14
SUSE SUSE-SU-2012:0736-1 2012-06-14
openSUSE openSUSE-SU-2012:0799-1 2012-06-28
openSUSE openSUSE-SU-2012:1439-1 2012-11-05
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds